Email this

We hate spam. The information you've entered will not be shared or sold.

Email sent

Your link to 'Ports blocked on Comcast's network' has been sent!

Introduction

For the protection of the network and our customers, Comcast Business Internet blocks certain ports. Learn which ports are blocked and why.

The ports listed below are blocked to protect against common viruses and worms, malicious intruders, and other security risks. These ports are blocked to protect our customers and the integrity of the Comcast Network; these blocks cannot be lifted.

Port

Transport

Protocol

How and why it's blocked

0

TCP

N/A

Inbound and outbound, blocked by default.

Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port.

DHCP ports can be used for malicious attacks, such as obtaining access to a computer or network and its devices.

110

TCP

POP3

The Post Office Protocol (POP) is a mail protocol used for receiving email.

This port is blocked because without SSL enabled, it is not encrypted and leaves customers vulnerable to having their user information and passwords compromised.

135
-139

TCP/UDP

NetBIOS

Inbound and outbound, blocked by default.

Allows file sharing over networks.

When improperly configured, they can expose critical system files or give full file system access (run, delete, copy) to any malicious intruder connected to the network.

161
-162

TCP/UDP

SNMP

Inbound and outbound, blocked by default.

SNMP is vulnerable to reflected amplification distributed denial of service (DDoS) attacks.

445

TCP

MS-DS-SMB

Inbound and outbound, blocked by default.

Security risks; vulnerable to attacks, exploits, and worms (such as Sasser and Ninder).

520

TCP/UDP

RIP

Inbound and outbound, blocked by default.

Vulnerable to malicious route updates, which provide several attack possibilities.

1080

TCP

SOCKS

Inbound only, blocked by default.

Multiple vulnerabilities (viruses, worms, DoS attacks).

In very rare situations, port 25 will be blocked by Comcast Customer Security Assurance on a per customer basis (blocked at the modem) and not across the network. This block will be preceded by an email and letters to the billing address. In this case, you can use secured port 587 for sending email.

If you are running a mail server please contact Comcast Customer Security Assurance at 1-877-807-6580 for more information on this block.

Port

Transport

Protocol

How and why it's blocked

25

TCP

SMTP

Inbound and outbound, not blocked by default.

We may apply a sending block, which will prevent email programs or clients (e.g., Outlook Express) from sending email.

An unsecured port that can be used to send spam.

Customers may be advised by our Security Assurance team to switch their modem connection to a secured port that requires authentication (such as port 587).